By Chris Smigielski, VP Model Risk Director, TIAA 

Interview ahead of  Risk Americas 2019 

Risk Americas 2019 is taking place in New York City on
May 14-15  2019 – find out more here www.risk-americas.com

Can you please tell the Risk Insights readers a little bit about yourself, your experiences and what your current professional focus is?

I’ve been in the financial services industry for over 30 years. I am currently the Director of Model Risk Management at TIAA Bank and have been with TIAA Bank’s Enterprise Risk Management Group for over six years. I’ve been the Director of Model Risk since our program was established. Being involved with the growth and maturity of our program has been a great professional experience.  Adapting our resources to meet our regulatory and program mandate has been challenging but very rewarding.

My background includes experiences in banking; Treasury and risk management, and bank consulting; Asset / Liability management and financial modelling.

What, for you, are the benefits of attending a conference like Risk Americas and what can attendees expect at the Convention this year?

The topics covered at the Risk Americas conference are always insightful and informative and cover different streams of risk, including model risk. Risk Americas is a great opportunity to meet with industry thought-leaders and practitioners to learn and share information about risk practices. Attendees can expect great topics, great dialogue and networking with fellow risk professionals, and to return to their organizations equipped and ready to take their risk program to the next level.  The presentations are excellent and wide ranging in content.  I always benefit from the overviews of best practices and learning from some of the challenges that others have addressed. Risk Americas is a ‘must go’ conference for any Risk professional.

You will be presenting at the upcoming Risk Americas 2019 to discuss managing model risk governance to maintain accuracy across lifecycle. Why is this a key talking point in the industry right now?

Managing model risk governance to maintain accuracy across the model lifecycle is about timely and comprehensive governance over the life of each model and all models in the inventory. It is and has been a key talking point because of the relative challenge it is to accomplish that task. It may seem simple but maintaining a current and accurate inventory is a challenge with new associates joining the company and other changes that we have experienced. Model risk should have automated activities like inventory attestations to verify models in the current inventory. There can be creative ways to uncover models by reverse engineering financial statements or committee reports to ask where information is derived. These activities help to assure that all models are inventoried and receive appropriate model governance.

How have new regulations affected the management of model risk?

New regulations have touched model risk indirectly as other supervisory requirements cite model risk as a necessary component to satisfy new or updated regulations. For example, a stress testing framework should incorporate validation or other type of independent review to ensure the integrity of processes and results, consistent with existing supervisory expectations. In our organization, we maintain a comprehensive and rigorous model risk program. We do not rewrite the program to accommodate new regulations.  Thankfully, the rigor of our program has worked well when it converges with new regulations.

What factors do you need to consider when managing the model life cycle?

Managing the model lifecycle really refers to model governance and model validation from initial development of the model through implementation, use, and finally model retirement some time later, perhaps years later.  Answering this requirement can be done by pointing to the entire model risk management program and ensuring its awareness throughout the organization.  Briefly, model governance is our reference to all the tools and techniques used for interaction with the model such as identification, risk rating, reviews, and performance monitoring outside of model validation.

What are the typical issues / challenges that you face when engaging the board and senior management in relation to managing model risk governance?

Our management and board risk committees have made our interactions very effective and informative.  Part of the reason, I believe is due to the healthy risk culture we have at our organization.  Model Risk is viewed as an important operational risk.  The expectation is to keep the committees fully informed about model risk within the company by successfully executing a comprehensive model risk program.  Our program has matured with their support and guidance.

How did you see legislation changing over the next 6 – 12 months and what impact will it have on model risk management?

The model risk management regulatory guidance has not materially changed from its original form almost a decade ago. There is quite a lot of discussion right now about Artificial Intelligence (AI) / Machine Learning (ML) models and their banking applications.  The largest bank organizations are already dealing with the reality of machine learning models and how to validate them.  It seems likely that there may be some regulatory update to model risk management guidance that specifically addresses model risk for the unique composition of AI and ML models in the organization.